0
Session variable on log-in page
Explorer
,
/t5/dreamweaver-discussions/session-variable-on-log-in-page/td-p/1007641
Sep 06, 2006
Sep 06, 2006
Copy link to clipboard
Copied
Hi all,
I need to set a session variable in a Log In User page using the DW built in server behavior, using asp and access db. I want the session variable to be set to ID. The Log In User server behavior already stores username and authorization level in session variables but I also need the record ID of the user to be able to pull out more information about the user later. I am using this code to log in user and store the other session variables:
<%
' *** Validate request to log in to this site.
' *** Loggar in användare samt sparar session variablar "MM_Username" samt "MM_UserAuthorization".
'
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString)
MM_valUsername=CStr(Request.Form("username"))
If MM_valUsername <> "" Then
MM_fldUserAuthorization="access_level"
MM_redirectLoginSuccess="/extranet/Default_2.asp"
MM_redirectLoginFailed="access_denied.asp"
MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_users_STRING
MM_rsUser.Source = "SELECT username, password"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM users WHERE username='" & Replace(MM_valUsername,"'","''") &"' AND password='" & Replace(Request.Form("password"),"'","''") & "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then
Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
Else
Session("MM_UserAuthorization") = ""
End If
if CStr(Request.QueryString("accessdenied")) <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>
I need to set a session variable in a Log In User page using the DW built in server behavior, using asp and access db. I want the session variable to be set to ID. The Log In User server behavior already stores username and authorization level in session variables but I also need the record ID of the user to be able to pull out more information about the user later. I am using this code to log in user and store the other session variables:
<%
' *** Validate request to log in to this site.
' *** Loggar in användare samt sparar session variablar "MM_Username" samt "MM_UserAuthorization".
'
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString)
MM_valUsername=CStr(Request.Form("username"))
If MM_valUsername <> "" Then
MM_fldUserAuthorization="access_level"
MM_redirectLoginSuccess="/extranet/Default_2.asp"
MM_redirectLoginFailed="access_denied.asp"
MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_users_STRING
MM_rsUser.Source = "SELECT username, password"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM users WHERE username='" & Replace(MM_valUsername,"'","''") &"' AND password='" & Replace(Request.Form("password"),"'","''") & "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then
Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
Else
Session("MM_UserAuthorization") = ""
End If
if CStr(Request.QueryString("accessdenied")) <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>
TOPICS
Server side applications
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting.
Learn more
LEGEND
,
/t5/dreamweaver-discussions/session-variable-on-log-in-page/m-p/1007642#M194690
Sep 06, 2006
Sep 06, 2006
Copy link to clipboard
Copied
i'd have unique user names and use it later for whatever you
need.
there's a server behavior for that: User authentication > Check User
Name or somethink like this
anyway you could try this if you prefer the ID field:
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername
Session("ID") = MM_rsUser.Fields.Item("ID").Value
...
End If
hth,
jdoe
wavesurfer wrote:
> Hi all,
>
> I need to set a session variable in a Log In User page using the DW built in
> server behavior, using asp and access db. I want the session variable to be set
> to ID. The Log In User server behavior already stores username and
> authorization level in session variables but I also need the record ID of the
> user to be able to pull out more information about the user later. I am using
> this code to log in user and store the other session variables:
>
> <%
> ' *** Validate request to log in to this site.
> ' *** Loggar in anv�ndare samt sparar session variablar "MM_Username" samt
> "MM_UserAuthorization".
> '
> MM_LoginAction = Request.ServerVariables("URL")
> If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" +
> Server.HTMLEncode(Request.QueryString)
> MM_valUsername=CStr(Request.Form("username"))
> If MM_valUsername <> "" Then
> MM_fldUserAuthorization="access_level"
> MM_redirectLoginSuccess="/extranet/Default_2.asp"
> MM_redirectLoginFailed="access_denied.asp"
> MM_flag="ADODB.Recordset"
> set MM_rsUser = Server.CreateObject(MM_flag)
> MM_rsUser.ActiveConnection = MM_users_STRING
> MM_rsUser.Source = "SELECT username, password"
> If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source &
> "," & MM_fldUserAuthorization
> MM_rsUser.Source = MM_rsUser.Source & " FROM users WHERE username='" &
> Replace(MM_valUsername,"'","''") &"' AND password='" &
> Replace(Request.Form("password"),"'","''") & "'"
> MM_rsUser.CursorType = 0
> MM_rsUser.CursorLocation = 2
> MM_rsUser.LockType = 3
> MM_rsUser.Open
> If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
> ' username and password match - this is a valid user
> Session("MM_Username") = MM_valUsername
> If (MM_fldUserAuthorization <> "") Then
> Session("MM_UserAuthorization") =
> CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
> Else
> Session("MM_UserAuthorization") = ""
> End If
> if CStr(Request.QueryString("accessdenied")) <> "" And false Then
> MM_redirectLoginSuccess = Request.QueryString("accessdenied")
> End If
> MM_rsUser.Close
> Response.Redirect(MM_redirectLoginSuccess)
> End If
> MM_rsUser.Close
> Response.Redirect(MM_redirectLoginFailed)
> End If
> %>
>
there's a server behavior for that: User authentication > Check User
Name or somethink like this
anyway you could try this if you prefer the ID field:
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername
Session("ID") = MM_rsUser.Fields.Item("ID").Value
...
End If
hth,
jdoe
wavesurfer wrote:
> Hi all,
>
> I need to set a session variable in a Log In User page using the DW built in
> server behavior, using asp and access db. I want the session variable to be set
> to ID. The Log In User server behavior already stores username and
> authorization level in session variables but I also need the record ID of the
> user to be able to pull out more information about the user later. I am using
> this code to log in user and store the other session variables:
>
> <%
> ' *** Validate request to log in to this site.
> ' *** Loggar in anv�ndare samt sparar session variablar "MM_Username" samt
> "MM_UserAuthorization".
> '
> MM_LoginAction = Request.ServerVariables("URL")
> If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" +
> Server.HTMLEncode(Request.QueryString)
> MM_valUsername=CStr(Request.Form("username"))
> If MM_valUsername <> "" Then
> MM_fldUserAuthorization="access_level"
> MM_redirectLoginSuccess="/extranet/Default_2.asp"
> MM_redirectLoginFailed="access_denied.asp"
> MM_flag="ADODB.Recordset"
> set MM_rsUser = Server.CreateObject(MM_flag)
> MM_rsUser.ActiveConnection = MM_users_STRING
> MM_rsUser.Source = "SELECT username, password"
> If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source &
> "," & MM_fldUserAuthorization
> MM_rsUser.Source = MM_rsUser.Source & " FROM users WHERE username='" &
> Replace(MM_valUsername,"'","''") &"' AND password='" &
> Replace(Request.Form("password"),"'","''") & "'"
> MM_rsUser.CursorType = 0
> MM_rsUser.CursorLocation = 2
> MM_rsUser.LockType = 3
> MM_rsUser.Open
> If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
> ' username and password match - this is a valid user
> Session("MM_Username") = MM_valUsername
> If (MM_fldUserAuthorization <> "") Then
> Session("MM_UserAuthorization") =
> CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
> Else
> Session("MM_UserAuthorization") = ""
> End If
> if CStr(Request.QueryString("accessdenied")) <> "" And false Then
> MM_redirectLoginSuccess = Request.QueryString("accessdenied")
> End If
> MM_rsUser.Close
> Response.Redirect(MM_redirectLoginSuccess)
> End If
> MM_rsUser.Close
> Response.Redirect(MM_redirectLoginFailed)
> End If
> %>
>
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting.
Learn more
wavesurfer
AUTHOR
Explorer
,
LATEST
/t5/dreamweaver-discussions/session-variable-on-log-in-page/m-p/1007643#M194691
Sep 06, 2006
Sep 06, 2006
Copy link to clipboard
Copied
Thanks, I go for the unique username solution, seems like
that is preferable.
THANKS!
THANKS!
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting.
Learn more

